Date post: | 01-Jan-2016 |
Category: |
Documents |
Upload: | walter-thornton |
View: | 16 times |
Download: | 2 times |
Homework & Review
• Questions?• Everything after this is for accuracy
– “All your permanent teeth are in, okay? You’re playing for keeps now!” -Psych
• Review:– Absolute Path– Relative Path– Linux Directory Structure– Shell look and feel
Today
• Linux Folders• Permissions• Directories
Hi Again Tom• I like Tom – it’s a great visualization of paths
Important Directories
• /bin - commands• /dev - devices• /etc - system configuration• /home - user files• /opt - application directory• /root - root user’s home directory• /sbin - commands• /tmp - temporary files• /var - changing files• There are more, but we’re starting here
Quick Aside
Windows has .exe files for ‘executable’ How you differentiate programs from other files
Linux doesn’t have this You can only tell executables by the permissions What flag on the ls command would show
permissions?
Commands are “programs”
Folders - /bin, /sbin and /dev /bin and /sbin – commands
/bin/ls /sbin/ip
/dev – devices /dev/hdd – IDE hard drives /dev/sda – SATA/SAS hard drives /dev/tty – userspace /dev/cciss – HP’s RAID /dev/dvd – DVD /dev/vg_it136centos65vm – Virtual HDD space
Run the df command to see
Folders - /etc, /home, /opt /etc – configuration files
Configures applications on the system Both integrated and not /etc/sudoers, /etc/httpd/conf/httpd.conf /etc/named.conf, /etc/dhcpd.conf
/home – default user space /home/<username> Users will then create/manage their own files/directories
/opt – third party application space Anything you buy from someone that “runs on Linux”
should be here If it’s not that is a BIG red flag (usually)
Folders - /root, /tmp, /var
/root – home directory for the root user, usually contains backups of configuration files or is a staging area for administrative tasks
/tmp – temporary space, some OS “lock” files, staging area for updates/installations
/var – files that will change through the course of normal system operation (mail, logs, some databases/web servers)
Permissions Permissions in Linux are shown by the ls –l
command -l stands for ‘long list’ which includes the
permissions, owner, and group Linux permissions are shown in two ways
Octal and symbolic Each break permissions down into three groups
1) user/owner of the file 2) group set to use the file 3) everyone else
Octal Three groups of numbers, each number runs
from 0 through 7 777, 733, 755 (three very common
permissions), 456, 523, 123, are other possibilities
So each numerical value has a defined level of access: 0 – no access for anybody 1 – execute permissions 2 – write permissions 4 – read permissions
Oct-wait, what?!
1, 2, 4?! Yes, how’s your math? Every unique combination now stands for a
unique type of access If read was 3 (and not 4), then what would
happen if we wanted to make a file that was executable, and writeable?
Octal Math Unique options are 3, 5, 6, and 7 from
1) execute 2) write 4) read
So, what do these unique options mean 3 = 5 = 6 = 7 =
Octal Permissions (partial) So what does ‘read,’ ‘write,’ and ‘execute’ mean? File:
4) Read: You can read the contents (cat, vi but no saving)
2) Write: You can edit the file (vi, plus saving!) 3) Execute: If it’s a script, you can run it (./)
Directory: 4) Read: You can see what’s inside (ls) 2) Write: You can create new files (touch, vi + saving!) 1) Execute: You can move inside the directory (cd)
Symbolic Permissions
Read, write, and execute are now letters Read: r Write: w Execute: x No permissions: - Now there are three spaces: ---
Symbolic Permissions, cont’d Meaning stays the same: Files:
r - can cat the file, open in vi without saving w - can save in editor (vi) x - can run the script No permissions: -
Directories: r - can do an ls to see files inside w - can create new files (vi/touch) x - can move inside
Groups of Groups
So we have three options (read, write, execute) These options combine into three groups User/owner – the primary user (owner) of the
file Group – the primary group the file is associated
with Others – everyone else not the primary user
(owner) or group Don’t get ‘owner’ and ‘others’ confused!
Groups of Groups, again
Each group gets a full set of permissions Octal
000 (no permissions to anyone) 777 (full permissions to everyone)
Symbolic --------- (no permissions to anyone) rwxrwxrwx (full permissions to everyone)
Or some combination
Groups of Groups, 3
Each set of permissions stands for a different group
Octal 7 7 7 Owner Group Others
Symbolic rwx rwx rwx Owner Group Others
Real Example
[student@it136centos58vm ~]$ ls -l
total 20
-rw-rw-r– 1 student student 29 Apr 17 16:53 err.out
-rwxrwxr-x1 student student 29 Apr 17 16:53 script.sh
-rw-rw-r– 1 student student 29 Apr 17 16:53 teams2.txt
-rw-rw-r– 1 student student 29 Apr 17 16:53 teams.txt
permissions owner group filename
Manipulation Commands mkdir <arg> – make new directory at (and
named) <arg> - ~/backups or /tmp/test cd <arg> – change directory into ‘arg’ (path) ls -l <arg> – list file permissions at ‘arg’ (path) chmod <arg1> <arg2> - change the
permissions to ‘arg1’ (new permissions) on ‘arg2’ (file/path), explained next slide
chmod is awesome, works on directories or files
chmod
chmod <permissions> /path/to/anything chmod <permissions> /etc/passwd chmod <permissions> ~/myscript.sh <permissions> Can be octal or symbolic Otcal: chmod 755 ~/myscript.sh chmod 700 ~
chmod, symbolic Symbolically, we can update one specific group
(user_owner, group, others) chmod g+rwx file - give rwx to the group chmod o+rwx file - give rwx to ‘others’ chmod u+rwx file - give rwx to the user/owner chmod a+rwx file - give rwx to everyone chmod o-r file - remove read permissions from
‘others’ chmod u-x file - remove execute permissions
from user/owner
Your Turn – Interpret the Following Octal: User full, group read, nothing for others
755
Symbolic: User read and write, group write, others read
r-xrw---x
Necessary File Permissions• To read a file (cat, less, grep, etc…)• As owner -r--------; group ----r-----; other_users -------r--• To write to a file (vi, nano, emacs, etc…)• As owner -rw-------; group ----rw----; users -------rw-• You need to be able to read (see the contents of) the file you
want to write to • You can’t write in a book unless you can open the book• To run a script (./script.sh)• As owner -r-x------; group ----r-x---; users -------r-x• Again, you need to be able to see the contents of the script to
know what actions the script is telling you to do• These are all file-based (not directory)
Necessary Directory Permissions• To list the contents of a directory (ls backups)• Owner: -r--------; group: ----r-----; users: -------r--• To move into a directory (cd backups)• Owner: ---x------; group: ------x---; users: ---------x• Note that execute-only will not allow the user to do an ls• Create or modify files inside a directory (touch/echo/vi)• Owner: --wx------; group: ------wx---; users: --------wx• Note - you will still not be able to do an ls as you do not have
‘read’ permissions• Run scripts inside a directory (./script.sh)• Owner: --wx------; group: ------wx---; users: --------wx• Note - again, if something inside the script requires read
permissions, it will not work, but the script will run
Questions on Permissions?
Symbolic or octal Three groups of three Read, Write, Execute, None User/owner, Group, Others chmod
Switch User
su <username> Will switch to the account named <username>
su Will switch to the ‘root’ or admin account Root has all privileges Used for adding users,
patching/updating/installing, reading log files, troubleshooting and other administrative tasks
Corporate Environments As an admin you’ll get several passwords 1) Your own (as a “power user”) 2) An account that can access all devices (if needed) 3) Administrator/root password #3 is what is known as the ‘keys to the kingdom’ –
Windows group doesn’t share with Linux group, which doesn’t share with network group
Keep the root pw extremely confidential Is usually something clever like we have so they can
reference it out loud without others knowing exactly what it is
Quiz Monday 30 minutes 10 questions From Day 1 to now
So expect a question on each topic listed in the “review” or “today” slides from each lecture
And at least one “what is a kernel/os/etc…” question Open book, open note No collaboration
Email, chat, text, social network, etc…
Own Study
Folders review Sobell Ch 4 – The Filesystem (81-89)
Permissions Sobell Ch 4 – Access Permissions (98-103)